diff --git a/configs/config.yaml b/configs/config.yaml index 86061d9..d7950f2 100644 --- a/configs/config.yaml +++ b/configs/config.yaml @@ -49,9 +49,12 @@ wechat: cmb: sm2Prk: "" # 私钥 非对称加解密算法SM2 公钥长度为65字节,私钥长度为32字节。非对称密钥是基于国密推荐的椭圆曲线生成的,国密推荐曲线sm2p256v1 sm2Puk: "" # 公钥,给到招行密钥 + cmbSm2Pik: "" # 招行私钥mock使用,生产不会有该值 cmbSm2Puk: "" # 招行公钥 mid: "d6fdd78b6fd13a808818286b9cad9687" aid: "5efaa21263b94f669a1c90ed0279df20" + keyAlias: "CO_PUB_KEY_SM2" + cmbKeyAlias: "SM2_CMBLIFE" notifyUrl: "https://gateway.dev.cdlsxd.cn/ymt/jd/v1/notify" #配置日志 diff --git a/internal/conf/conf.pb.go b/internal/conf/conf.pb.go index e427c5d..aa5451c 100644 --- a/internal/conf/conf.pb.go +++ b/internal/conf/conf.pb.go 
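Review bot: The new `cmbSm2Pik` key in configs/config.yaml has no matching field in the `Cmb` message. conf.proto in this commit only gains `keyAlias = 7` and `cmbKeyAlias = 8`, so the value is presumably ignored or rejected, depending on how the config loader treats unknown keys. If the mock needs the bank-side private key, add the field to the proto as well. The rule that production never carries this value exists only as a YAML comment; a startup check that refuses a non-empty `cmbSm2Pik` outside a dev/mock environment would enforce it. Private key material such as `sm2Prk` and `cmbSm2Pik` is better injected from a secret store or the environment than filled into a committed config file.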
@@ -420,12 +420,14 @@ type Cmb struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Mid string `protobuf:"bytes,1,opt,name=mid,proto3" json:"mid,omitempty"` - Aid string `protobuf:"bytes,2,opt,name=aid,proto3" json:"aid,omitempty"` - Sm2Prk string `protobuf:"bytes,4,opt,name=sm2Prk,proto3" json:"sm2Prk,omitempty"` - Sm2Puk string `protobuf:"bytes,5,opt,name=sm2Puk,proto3" json:"sm2Puk,omitempty"` - CmbSm2Puk string `protobuf:"bytes,6,opt,name=cmbSm2Puk,proto3" json:"cmbSm2Puk,omitempty"` - NotifyUrl string `protobuf:"bytes,3,opt,name=notifyUrl,proto3" json:"notifyUrl,omitempty"` + Mid string `protobuf:"bytes,1,opt,name=mid,proto3" json:"mid,omitempty"` + Aid string `protobuf:"bytes,2,opt,name=aid,proto3" json:"aid,omitempty"` + Sm2Prk string `protobuf:"bytes,4,opt,name=sm2Prk,proto3" json:"sm2Prk,omitempty"` + Sm2Puk string `protobuf:"bytes,5,opt,name=sm2Puk,proto3" json:"sm2Puk,omitempty"` + CmbSm2Puk string `protobuf:"bytes,6,opt,name=cmbSm2Puk,proto3" json:"cmbSm2Puk,omitempty"` + KeyAlias string `protobuf:"bytes,7,opt,name=keyAlias,proto3" json:"keyAlias,omitempty"` + CmbKeyAlias string `protobuf:"bytes,8,opt,name=cmbKeyAlias,proto3" json:"cmbKeyAlias,omitempty"` + NotifyUrl string `protobuf:"bytes,3,opt,name=notifyUrl,proto3" json:"notifyUrl,omitempty"` } func (x *Cmb) Reset() { @@ -495,6 +497,20 @@ func (x *Cmb) GetCmbSm2Puk() string { return "" } +func (x *Cmb) GetKeyAlias() string { + if x != nil { + return x.KeyAlias + } + return "" +} + +func (x *Cmb) GetCmbKeyAlias() string { + if x != nil { + return x.CmbKeyAlias + } + return "" +} + func (x *Cmb) GetNotifyUrl() string { if x != nil { return x.NotifyUrl 
@@ -948,7 +964,7 @@ var file_conf_conf_proto_rawDesc = []byte{ 0x0a, 0x1a, 0x6d, 0x63, 0x68, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x1a, 0x6d, 0x63, 0x68, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, - 0x74, 0x65, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x22, 0x95, + 0x74, 0x65, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x22, 0xd3, 0x01, 0x0a, 0x03, 0x43, 0x6d, 0x62, 0x12, 0x10, 0x0a, 0x03, 0x6d, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6d, 0x69, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x61, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x61, 0x69, 0x64, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x6d, 
@@ -956,15 +972,19 @@ var file_conf_conf_proto_rawDesc = []byte{ 0x72, 0x6b, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x6d, 0x32, 0x50, 0x75, 0x6b, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x6d, 0x32, 0x50, 0x75, 0x6b, 0x12, 0x1c, 0x0a, 0x09, 0x63, 0x6d, 0x62, 0x53, 0x6d, 0x32, 0x50, 0x75, 0x6b, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x63, - 0x6d, 0x62, 0x53, 0x6d, 0x32, 0x50, 0x75, 0x6b, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x6f, 0x74, 0x69, - 0x66, 0x79, 0x55, 0x72, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x6f, 0x74, - 0x69, 0x66, 0x79, 0x55, 0x72, 0x6c, 0x22, 0x3a, 0x0a, 0x04, 0x4c, 0x6f, 0x67, 0x73, 0x12, 0x1a, - 0x0a, 0x08, 0x62, 0x75, 0x73, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x08, 0x62, 0x75, 0x73, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x61, 0x63, - 0x63, 0x65, 0x73, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x61, 0x63, 0x63, 0x65, - 0x73, 0x73, 0x42, 0x17, 0x5a, 0x15, 0x76, 0x6f, 0x75, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x63, 0x70, - 0x6e, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x3b, 0x63, 0x6f, 0x6e, 0x66, 0x62, 0x06, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x33, + 0x6d, 0x62, 0x53, 0x6d, 0x32, 0x50, 0x75, 0x6b, 0x12, 0x1a, 0x0a, 0x08, 0x6b, 0x65, 0x79, 0x41, + 0x6c, 0x69, 0x61, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6b, 0x65, 0x79, 0x41, + 0x6c, 0x69, 0x61, 0x73, 0x12, 0x20, 0x0a, 0x0b, 0x63, 0x6d, 0x62, 0x4b, 0x65, 0x79, 0x41, 0x6c, + 0x69, 0x61, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x6d, 0x62, 0x4b, 0x65, + 0x79, 0x41, 0x6c, 0x69, 0x61, 0x73, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x6f, 0x74, 0x69, 0x66, 0x79, + 0x55, 0x72, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x6f, 0x74, 0x69, 0x66, + 0x79, 0x55, 0x72, 0x6c, 0x22, 0x3a, 0x0a, 0x04, 0x4c, 0x6f, 0x67, 0x73, 0x12, 0x1a, 0x0a, 0x08, + 0x62, 0x75, 0x73, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, + 0x62, 0x75, 0x73, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x12, 
0x16, 0x0a, 0x06, 0x61, 0x63, 0x63, 0x65, + 0x73, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, + 0x42, 0x17, 0x5a, 0x15, 0x76, 0x6f, 0x75, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x63, 0x70, 0x6e, 0x2f, + 0x63, 0x6f, 0x6e, 0x66, 0x3b, 0x63, 0x6f, 0x6e, 0x66, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x33, } var ( diff --git a/internal/conf/conf.proto b/internal/conf/conf.proto index d3a5977..e849a43 100644 --- a/internal/conf/conf.proto +++ b/internal/conf/conf.proto @@ -76,6 +76,8 @@ message Cmb { string sm2Prk = 4; string sm2Puk = 5; string cmbSm2Puk = 6; + string keyAlias = 7; + string cmbKeyAlias = 8; string notifyUrl = 3; } diff --git a/internal/pkg/cmb/sm2.go b/internal/pkg/cmb/sm2.go index ee18f65..815bc4f 100644 --- a/internal/pkg/cmb/sm2.go +++ b/internal/pkg/cmb/sm2.go @@ -43,7 +43,7 @@ func publicKeyToString(publicKey *sm2.PublicKey) string { return hex.EncodeToString(publicKeyBytes) } -func encrypt(sopPublicKey, input string) (string, error) { +func Encrypt(sopPublicKey, input string) (string, error) { sm4Key := GenerateSM4Key() iv := GetSM4IV() @@ -66,7 +66,8 @@ func encrypt(sopPublicKey, input string) (string, error) { return fmt.Sprintf("%s|%s", base64.StdEncoding.EncodeToString([]byte(kvTmp)), base64.StdEncoding.EncodeToString(encryptedBody)), nil } -func decrypt(privateKey, input string) (string, error) { +func Decrypt(privateKey, input string) (string, error) { + tmpDataArr := strings.Split(input, "|") if len(tmpDataArr) != 2 { return "", fmt.Errorf("数据格式错误") @@ -108,7 +109,7 @@ func decrypt(privateKey, input string) (string, error) { return string(Padding(plainText, 0)), nil } -func sign(privateKey, input string) (string, error) { +func Sign(privateKey, input string) (string, error) { signData, err := sm22.NewSm2(). SetHexPrivateKey(privateKey). 
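Review bot: `Encrypt`, `Decrypt`, `Sign` and `Verify` in internal/pkg/cmb/sm2.go become exported without doc comments; this applies to all four hunks, including the `Verify` one that follows. Each should get a comment starting with its name that states the contract callers now rely on, e.g. `// Encrypt encrypts input for the hex-encoded SM2 public key and returns "<base64 key block>|<base64 body>".`, and for `Decrypt` that input not splitting into exactly two `|` parts is rejected. The `Decrypt` hunk also adds a stray blank line directly after the signature. All four bodies continue outside the hunks, so the key handling and the IV returned by `GetSM4IV()` cannot be reviewed from here.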
@@ -123,7 +124,7 @@ func sign(privateKey, input string) (string, error) { return base64.StdEncoding.EncodeToString([]byte(signData)), nil } -func verify(publicKey, input, sign string) (bool, error) { +func Verify(publicKey, input, sign string) (bool, error) { ok, err := sm22.NewSm2(). SetHexPublicKey(publicKey). diff --git a/internal/pkg/cmb/sm2_test.go b/internal/pkg/cmb/sm2_test.go index 725bce9..ec2b215 100644 --- a/internal/pkg/cmb/sm2_test.go +++ b/internal/pkg/cmb/sm2_test.go @@ -18,14 +18,14 @@ func TestGenerateSm2Key(t *testing.T) { func TestEncrypt(t *testing.T) { pukKey := "04a702106cf530dc981e44cd515b394747cfd6bb059247696b188b25281ea4278fe7c6e34a83680110eec71becd31f5db14abc671e5d8e67ce7ca3c6b3adc86674" content := `{"name":"zhangxx","phoneNo":"137xxxxxxxx"}` - xx, err := encrypt(pukKey, content) + xx, err := Encrypt(pukKey, content) t.Log(xx, err) } func TestDecrypt(t *testing.T) { priKey := "9450c673cf801164435b9c164ac1404e87997245bc6f323fde22015875a03f6e" content := "BHeko/ZYFzQOJn6Q3y46X1AjNz8Nh5fq1FfMuWebh+TangLnlK5iFqePCst4rjG/FKJInijiKO2Qq18sJULlMEEgri05s+bHHDKM+Y+73crAbCnIhHbZxUjt8A0cq2rKjzkl8bxW33dU18uuiTEAmsAvKvmZgE6zJ1eDyjFWefHEIFJaKCNY2cTQOInt|8UYFZFTkx0DovPhaWCbdBkAqbgGmegT14F5gwXLJ6G1uWdYNvX+i5QWAYUGtd8u9" - xx, err := decrypt(priKey, content) + xx, err := Decrypt(priKey, content) t.Log(xx, err) } @@ -35,14 +35,14 @@ func TestEncryptDecrypt(t *testing.T) { content := `{"name":"zhangxx","phoneNo":"137xxxxxxxx"}` - xx, err := encrypt(pukKey, content) + xx, err := Encrypt(pukKey, content) if err != nil { t.Log(err) return } t.Log(xx) - aa, err := decrypt(priKey, xx) + aa, err := Decrypt(priKey, xx) if err != nil { t.Log(err) return 
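Review bot: None of the tests touched in internal/pkg/cmb/sm2_test.go can fail. `TestEncrypt`, `TestDecrypt`, `TestSign` and `TestVerify` end in `t.Log(xx, err)`, and `TestEncryptDecrypt` logs the error and returns, so a broken SM2/SM4 round trip still reports PASS. Replace the logging with `if err != nil { t.Fatalf("Encrypt: %v", err) }`, and in `TestVerify` fail when `xx` is false. The round-trip test should also compare the decrypted text with `content`; its tail is outside the hunk, so that check may already exist. The hex private-key literals in these tests should be confirmed to be throwaway test keys, not the value deployed as `sm2Prk`.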
@@ -55,7 +55,7 @@ func TestSign(t *testing.T) { content := "accessToken.json?aid=9dad6d3900ec3ffabd80e46522a10ead&cmbKeyAlias=SM2_CMBLIFE&date=20240314091628&encryptBody=BNhquiza494xicGIOvE7G5jLr7nhQI6Tp4V5j3a+3P98oD+uUKVXAPXt+ae3GsDvs+FyOaqoNSzdYsSqNDW3rA1AFUbsljTI9EaWMB+FAHpZ3Wjn6Qyl8EzJpUIbCnqAIOWjr2hDsexJd+NPVxQwNqq9W66lC/PBC4/1/QCz+87Yq8b4hHx7bP2u5h95|YwTJn3uKMQfhDSuJKIx3hyFZcoLm9M2xKnVDmNLPq5PbGedoZY/4g1Z/sKk8cWzH&keyAlias=CO_PUB_KEY_SM2&mid=f806c259d86e3b9aa956c98d475b6af7&random=320bcb8c8cf7419e98d562439bdb3baa" - xx, err := sign(priKey, content) + xx, err := Sign(priKey, content) t.Log(xx, err) } @@ -65,6 +65,6 @@ func TestVerify(t *testing.T) { content := "accessToken.json?aid=9dad6d3900ec3ffabd80e46522a10ead&cmbKeyAlias=SM2_CMBLIFE&date=20250305115032&encryptBody=BHeko/ZYFzQOJn6Q3y46X1AjNz8Nh5fq1FfMuWebh+TangLnlK5iFqePCst4rjG/FKJInijiKO2Qq18sJULlMEEgri05s+bHHDKM+Y+73crAbCnIhHbZxUjt8A0cq2rKjzkl8bxW33dU18uuiTEAmsAvKvmZgE6zJ1eDyjFWefHEIFJaKCNY2cTQOInt|8UYFZFTkx0DovPhaWCbdBkAqbgGmegT14F5gwXLJ6G1uWdYNvX+i5QWAYUGtd8u9&keyAlias=CO_PUB_KEY_SM2&mid=f806c259d86e3b9aa956c98d475b6af7&random=286d97b1d8ed4bbf822b004470c92ae8" signDataBase64 := "MEUCIAg1zxnKG+X8t/hlwEoyL/T33iKgle09S6bfb3eZh/FqAiEAxtK5TdGAo+JpK7JmL15tT4nlQyrUzC14flu0Tq+9Svo=" - xx, err := verify(pukKey, content, signDataBase64) + xx, err := Verify(pukKey, content, signDataBase64) t.Log(xx, err) } diff --git a/internal/service/cmb_mock.go b/internal/service/cmb_mock.go index f56ba58..643df12 100644 --- a/internal/service/cmb_mock.go +++ b/internal/service/cmb_mock.go @@ -2,7 +2,9 @@ package service import ( "github.com/go-kratos/kratos/v2/transport/http" + "time" v1 "voucher/api/v1" + "voucher/internal/pkg/cmb" ) func (s *VoucherService) CmbOrderMock(ctx http.Context) error { 
@@ -12,9 +14,27 @@ func (s *VoucherService) CmbOrderMock(ctx http.Context) error { return err } - //bizJson := req.String() + bizJson := req.String() - reply := &v1.CmbRequest{} + // 我们的sm2 公钥加密 + // 请求到我们这边 使用 我们的私钥解密 + encryptBody, err := cmb.Encrypt(s.bc.Cmb.Sm2Puk, bizJson) + if err != nil { + return err + } + + date := time.Now().Format("20060102150405") + + reply := &v1.CmbRequest{ + Mid: s.bc.Cmb.Mid, + Aid: s.bc.Cmb.Aid, + Date: date, + Random: string(cmb.RandomBytes(16)), + KeyAlias: s.bc.Cmb.KeyAlias, + CmbKeyAlias: s.bc.Cmb.CmbKeyAlias, + EncryptBody: encryptBody, + Sign: "", + } return ctx.JSON(200, reply) }
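Review bot: `Random: string(cmb.RandomBytes(16))` converts the helper's bytes straight to a string. If `RandomBytes` returns raw random bytes (its body is not shown), the JSON encoder will replace invalid UTF-8 and the value will not look like the 32-hex-character `random` in the test fixtures; `Random: hex.EncodeToString(cmb.RandomBytes(16)),` with `encoding/hex` imported gives a stable representation. The reply is also sent with `Sign: ""` although this commit exports `cmb.Sign`, so the mock never exercises the receiver's signature verification; signing would need the bank-side private key, which the `Cmb` config message does not carry. The route registration for `CmbOrderMock` is not visible in this diff and should be limited to non-production environments.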